View
745
Download
2
Category
Preview:
DESCRIPTION
Basic Networking Guide
Citation preview
Chapter 13: Ensuring Integrity and Availability
Network+ Guide to Networks
2
Objectives:
Identify the characteristics of a network that keep data safe from loss or damage
Protect an enterprise-wide network from viruses
3
Objectives: (continued)
Explain network- and system-level fault-tolerance techniques
Discuss issues related to network backup and recovery strategies
Describe the components of a useful disaster recovery plan
4
What are Integrity and Availability?
• Integrity refers to the soundness of a network’s programs, data, services, devices, and connections.
• Availability of a file or system refers to how consistently and reliably it can be accessed by authorized personnel
5
What are Integrity and Availability? (continued)
• General guidelines for protecting your network
• Allow only network administrators to create or modify NOS and application system files
6
What are Integrity and Availability? (continued)
• Monitor the network for unauthorized access or changes
• Record authorized system changes in a change management system
• Install redundant components
7
What are Integrity and Availability? (continued)
• General guidelines for protecting your network (continued)
• Perform regular health checks on the network
• Check system performance, error logs, and the system log book regularly
8
What are Integrity and Availability? (continued)
• Keep backups, boot disks, and emergency repair disks current and available
• Implement and enforce security and disaster recovery policies
9
Viruses
• A virus is a program that replicates itself with the intent to infect more computers
• Other unwanted and potentially destructive programs are called viruses, but technically do not meet the criteria used to define a virus
• Program that disguises itself as something useful but actually harms your system is called a Trojan horse
10
Viruses (continued)
• Types of Viruses• Boot sector viruses, Macro viruses, File-infected
viruses, Worms, Trojan horse, Network viruses, Bots
• Virus Characteristics• Encryption, Stealth, Polymorphism, Time-
dependence
11
Viruses (continued)
• Virus Protection• Antivirus Software
• Suspecting a virus
• Unexplained increases in file sizes
• Significant, unexplained decline in system performance
• Unusual error messages
• Significant, unexpected loss of system memory
• Fluctuations in display quality
12
Viruses (continued)
• Virus Protection
• Antivirus Software
• Antivirus software should perform
• Signature scanning
• Integrity checking
• Monitoring of unexpected file changes
13
Viruses (continued)
• Virus Protection
• Antivirus Software
• Antivirus software should perform (continued)
• Regular updates and modifications
• Consistently report only valid viruses
• Heuristic scanning -- most fallible
14
Viruses (continued)
• Virus Protection• Antivirus Policies
• Virus detection and cleaning software that regularly scans for viruses
• Users not allowed to alter or disable
• Users know what to do
• Antivirus team appointed maintaining antivirus measures
15
Viruses (continued)
• Virus Protection• Antivirus Policies (continued)
• Users prohibited from installing any unauthorized software
• System-wide alerts issued
• Virus Hoaxes• Type of rumor consists of a false alert about a
dangerous, new virus
• Verify a possible hoax
16
Fault Tolerance
• The capacity for a system to continue performing despite an unexpected hardware or software malfunction
• Failure is a deviation from a specified level of system performance for a given period of time
• Fault involves the malfunction of one component of a system
17
Fault Tolerance (continued)
• Environment• Analyze the physical environment in which your
devices operate
• Power• Power Flaws
• Surge—A momentary increase in voltage
• Noise—A fluctuation in voltage levels
• Brownout—A momentary decrease in voltage
• Blackout—A complete power loss
18
Fault Tolerance (continued)
• Power (continued)
• Uninterruptible Power Supplies (UPSs)
• Prevents A/C power from harming device or interrupting its services
• Standby UPS provides continuous voltage to a device by switching
• Online UPS providing power to a network device through its battery
19
Fault Tolerance (continued)
20
Fault Tolerance (continued)
• Which UPS is right for your network• Amount of power needed
• Period of time to keep a device running
• Line conditioning
• Cost
• Generators• If your organization cannot withstand a power loss you
might consider investing in an electrical generator for your building
21
Fault Tolerance (continued)
• Topology and Connectivity• Each physical topology inherently assumes certain
advantages and disadvantages
• Supplying multiple paths data can use to travel from any one point to another
22
Fault Tolerance (continued)
23
Fault Tolerance (continued)
24
Fault Tolerance (continued)
25
Fault Tolerance (continued)
26
Fault Tolerance (continued)
• Servers• Server Mirroring
• Mirroring is a fault-tolerance technique in which one device or component duplicates the activities of another
• In server mirroring, one server continually duplicates the transactions and data storage of another
27
Fault Tolerance (continued)
•
28
Fault Tolerance (continued)
• Servers• Clustering
• Fault-tolerance technique that links multiple servers together to act as a single server
29
Fault Tolerance (continued)
• Storage• Redundant Array of Independent (or Inexpensive)
Disks (RAID)
• Collection of disks that provide fault tolerance for shared data and applications
• Hardware RAID
• Set of disks and a separate disk controller
• Software RAID
• Software to implement and control RAID
30
Fault Tolerance (continued)
• Storage• RAID (continued)
• RAID Level 0—Disk Striping RAID Level 0
• data is written in 64 KB blocks equally across all disks in the array
31
Fault Tolerance (continued)
32
Fault Tolerance (continued)
• Storage• RAID (continued)
• RAID Level 1—Disk Mirroring RAID Level 1
• provides redundancy through a process called disk mirroring
33
Fault Tolerance (continued)
34
Fault Tolerance (continued)
• Storage• RAID (continued)
• RAID Level 3—Disk Striping with Parity ECC RAID Level 3
• Involves disk striping with a special error correction code (ECC)
35
Fault Tolerance (continued)
36
Fault Tolerance (continued)
37
Fault Tolerance (continued)
• Storage• RAID (continued)
• RAID Level 5—Disk Striping with Distributed Parity
• Highly fault-tolerant
• Data is written in small blocks across several disks
• Parity error checking information is distributed among the disks
38
Fault Tolerance (continued)
39
Fault Tolerance (continued)
• Storage
• Network Attached Storage
• specialized storage device or group of storage devices that provides centralized fault-tolerant data storage for a network
40
Fault Tolerance (continued)
41
Fault Tolerance (continued)
• Storage
• Storage Area Networks (SANs)
• Distinct networks of storage devices that communicate directly with each other and with other networks
42
Fault Tolerance (continued)
43
Data Backup
• A backup is a copy of data or program files created for archiving or safekeeping
• Tape Backups• Copying data to a magnetic tape
44
Data Backup (continued)
45
Data Backup (continued)
• Tape Backups (continued)
• Select the appropriate tape backup solution
• Sufficient storage capacity
• Proven to be reliable
• Data error-checking techniques
• Is the system quick enough
46
Data Backup (continued)
• Tape Backups (continued)
• Select the appropriate tape backup solution
• Tape drive, software, and media cost
• Hardware and software be compatible with existing network
• Frequent manual intervention
• Accommodate your network’s growth
47
Data Backup (continued)
• Online Backups• Companies on the Internet now offer to back up
data over the Internet
48
Data Backup (continued)
• Backup Strategy• What data must be backed up
• What kind of rotation schedule
• When will the backups occur
• How will you verify
49
Data Backup (continued)
• Backup Strategy (continued)• Where will backup media be stored
• Who will take responsibility
• How long will you save backups
• Where will backup and recovery documentation be stored
50
Data Backup (continued)
• Backup Strategy (continued)
• Different backup methods
• Full backup
• Incremental backup
• Differential backup
51
Data Backup (continued)
52
Disaster Recovery
• A disaster recovery plan should identify a disaster recovery team
• Contact for emergency coordinators
• Which data and servers are being backed up
• Network topology, redundancy, and agreements
• Regular strategies for testing
• A plan for managing the crisis
53
Chapter Summary
• Integrity refers to the soundness of your network’s files, systems, and connections
• Several basic measures can be employed to protect data and systems
• A virus is a program that replicates itself
• Boot sector viruses position their code in the boot sector
• Macro viruses take the form of a macro
54
Chapter Summary (continued)
• File-infected viruses attach themselves to executable files
• Network viruses take advantage of network protocols
• A virus bot is a virus that spreads automatically between systems
• Worms are not technically viruses
• A Trojan horse claims to do something useful but instead harms
55
Chapter Summary (continued)
• Any type of virus may have additional characteristics that make it harder to detect and eliminate
• A good antivirus program should be able to detect viruses through signature scanning, integrity checking, and heuristic scanning
• Antivirus software is merely one piece of the puzzle in protecting your network
56
Chapter Summary (continued)
• A virus hoax is a false alert about a dangerous, new virus
• A failure is a deviation from a specified level of system performance for a given period of time
57
Chapter Summary (continued)
• A fault is the malfunction of one component of a system
• Fault tolerance is a system’s capacity to continue performing despite an unexpected hardware or software malfunction
58
Chapter Summary (continued)
• Networks cannot tolerate power loss or less than optimal power
• A UPS is a battery power source directly attached to one or more devices and to a power supply
• A standby UPS provides continuous voltage to a device by switching
59
Chapter Summary (continued)
• An online UPS uses the A/C power from the wall outlet to continuously charge its battery
• For utmost fault tolerance in power supply, a generator is necessary
60
Chapter Summary (continued)
• Network topologies such as a full mesh WAN or a star-based LAN with a parallel backbone offer the greatest fault tolerance
• Hot swappable components can be changed (or swapped) while a machine is still running (hot)
• Critical servers often contain redundant components
61
Chapter Summary (continued)
• Utilizing a second, identical server to duplicate the transactions and data storage of one server is called server mirroring
• Server clustering links multiple servers together to act as a single server
62
Chapter Summary (continued)
• An important storage redundancy feature is a Redundant Array of Independent (or Inexpensive) Disks (RAID)
• Network attached storage (NAS) is a dedicated storage device
• A storage area network (SAN) is a distinct network of multiple storage devices and servers
63
Chapter Summary (continued)
• A backup is a copy of data or program files created for archiving or safekeeping
• A popular, economical method for backing up networked systems is tape backup
• You can also back up data over the Internet
64
Chapter Summary (continued)
• The aim of a good backup rotation scheme is to provide excellent data reliability
• Every organization should have a disaster recovery team
Recommended